Denial of Service Vulnerability in Linux Kernel's KEYS Subsystem

Denial of Service Vulnerability in Linux Kernel's KEYS Subsystem

CVE-2017-7472 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.